Abstract: A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server proxies messages to/from the different server including a set of signed cryptographic parameters signed using the private key on the different server. The different server generates the master secret, and generates and transmits the session keys to the server that are to be used in the secure session for encrypting and decrypting communication between the client device and the server.

Abstract: A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server receives a premaster secret that has been encrypted using a public key bound with a domain for which the client device is attempting to establish a secure session with. The server transmits the encrypted premaster secret to the different server for decryption along with other information necessary to compute a master secret. The different server decrypts the encrypted premaster secret, generates the master secret, and transmits the master secret to the server. The server receives the master secret and continues with the handshake procedure including generating one or more session keys that are used in the secure session for encrypting and decrypting communication between the client device and the server.

Abstract: A Transmission Control Protocol (TCP) receiver receives a SYN segment from a TCP initiator that initiates a TCP handshake between the TCP initiator and a TCP server. A first value is extracted from a predefined portion of the SYN segment. A second value is computed using an authentication algorithm that includes at least using a cryptographic hash function that takes as input at least the source IP address of the encapsulating IP packet of the SYN segment and a shared secret between the TCP initiator and the TCP receiver. If the computed second value matches the extracted first value, then the TCP handshake is allowed to continue. If the computed second value does not match the extracted first value, then the TCP handshake is not allowed to continue.

Abstract: A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server receives a premaster secret that has been encrypted using a public key bound with a domain for which the client device is attempting to establish a secure session. The server transmits the encrypted premaster secret to the different server for decryption along with other information necessary to compute a master secret and session keys for the secure session. The different server decrypts the encrypted premaster secret, generates the master secret, and generates session keys that are used in the secure session for encrypting and decrypting communication between the client device and the server and transmits those session keys to that server.

Abstract: A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server receives a premaster secret that has been encrypted using a public key bound with a domain for which the client device is attempting to establish a secure session. The server transmits the encrypted premaster secret to the different server for decryption along with other information necessary to compute a master secret and session keys for the secure session. The different server decrypts the encrypted premaster secret, generates the master secret, and generates session keys that are used in the secure session for encrypting and decrypting communication between the client device and the server and transmits those session keys to that server.

Abstract: A method and apparatus for managing CNAME records such that CNAME records at the root domain are supported while complying with the RFC specification (an IP address is returned for any Address query for the root record). The authoritative DNS infrastructure acts as a DNS resolver where if there is a CNAME at the root record, rather than returning that record directly, a recursive lookup is used to follow the CNAME chain until an A record is located. The address associated with the A record is then returned. This effectively “flattens” the CNAME chain. This complies with the requirements of the DNS specification and is invisible to any service that interacts with the DNS server.

Abstract: A transparent TCP proxy device intercepts TCP connection requests received from a TCP client and destined for a TCP server as if acting as the TCP server in a handshake with the TCP client. Only after completing the handshake with the TCP client, the transparent TCP proxy participates in a handshake with the TCP server as if acting as the TCP client. After the handshake with the TCP server is complete, the transparent TCP proxy intercepts and translates subsequent TCP packets received from the TCP client and destined for the TCP server into a form expected by the TCP server including updating an acknowledgement number and TCP checksum; and intercepts and translates subsequent TCP packets received from the TCP server and destined for the TCP client into a form expected by the TCP client including updating an acknowledgement number and TCP checksum.

Abstract: A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server receives a premaster secret that has been encrypted using a public key bound with a domain for which the client device is attempting to establish a secure session with. The server transmits the encrypted premaster secret to the different server for decryption along with other information necessary to compute a master secret. The different server decrypts the encrypted premaster secret, generates the master secret, and transmits the master secret to the server. The server receives the master secret and continues with the handshake procedure including generating one or more session keys that are used in the secure session for encrypting and decrypting communication between the client device and the server.

Abstract: A proxy server receives a request for a web page from a client device. In response to determining that a portion of the web page is available in cache, the proxy server retrieves that portion and transmits it to the client device. The portion of the web page is not the entire web page and is a prediction of the portion of the page that will remain static if the page is reloaded or requested by a different client device. The proxy server transmits a request to an origin server for the full web page. In response to receiving the full web page from the origin server, the proxy server modifies the full web page to remove the portion that was already transmitted to the client device, and transmits the modified web page to the client device.

Abstract: A near end network optimizer receives, from a client device, a request for a network resource. Responsive to determining that a version of the network resource is stored in the near end network optimizer, a request for the network resource is transmitted to a far end network optimizer along with a version identifier that identifies that version. The near end network optimizer receives, from the far end network optimizer, a response that includes a differences file that specifies the difference(s) between the version of the network resource stored in the near end network optimizer with a most current version of the network resource. The response does not include the entire network resource. The near end network optimizer applies the specified difference(s) to the version that it has stored to generate an updated version of the network resource, and transmits the updated version of the network resource to the client device.

Abstract: A Transmission Control Protocol (TCP) receiver receives a SYN segment from a TCP initiator that initiates a TCP handshake between the TCP initiator and a TCP server. A first value is extracted from a predefined portion of the SYN segment. A second value is computed using an authentication algorithm that includes at least using a cryptographic hash function that takes as input at least the source IP address of the encapsulating IP packet of the SYN segment and a shared secret between the TCP initiator and the TCP receiver. If the computed second value matches the extracted first value, then the TCP handshake is allowed to continue. If the computed second value does not match the extracted first value, then the TCP handshake is not allowed to continue.

Abstract: A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server proxies messages to/from the different server including a set of signed cryptographic parameters signed using the private key on the different server. The different server generates the master secret, and generates and transmits the session keys to the server that are to be used in the secure session for encrypting and decrypting communication between the client device and the server.

Abstract: A proxy server receives a request for a web page from a client device. In response to determining that a portion of the web page is available in cache, the proxy server retrieves that portion and transmits it to the client device. The portion of the web page is not the entire web page and is a prediction of the portion of the page that will remain static if the page is reloaded or requested by a different client device. The proxy server transmits a request to an origin server for the full web page. In response to receiving the full web page from the origin server, the proxy server modifies the full web page to remove the portion that was already transmitted to the client device, and transmits the modified web page to the client device.

Abstract: A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server receives a premaster secret that has been encrypted using a public key bound with a domain for which the client device is attempting to establish a secure session with. The server transmits the encrypted premaster secret to another server for decryption. The server receives the decrypted premaster secret and continues with the handshake procedure including generating a master secret from the decrypted premaster secret and generating one or more session keys that are used in the secure session for encrypting and decrypting communication between the client device and the server.

Abstract: A transparent TCP proxy device intercepts TCP connection requests received from a TCP client and destined for a TCP server as if acting as the TCP server in a handshake with the TCP client. Only after completing the handshake with the TCP client, the transparent TCP proxy participates in a handshake with the TCP server as if acting as the TCP client. After the handshake with the TCP server is complete, the transparent TCP proxy intercepts and translates subsequent TCP packets received from the TCP client and destined for the TCP server into a form expected by the TCP server including updating an acknowledgement number and TCP checksum; and intercepts and translates subsequent TCP packets received from the TCP server and destined for the TCP client into a form expected by the TCP client including updating an acknowledgement number and TCP checksum.

Abstract: A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server receives a premaster secret that has been encrypted using a public key bound with a domain for which the client device is attempting to establish a secure session with. The server transmits the encrypted premaster secret to another server for decryption. The server receives the decrypted premaster secret and continues with the handshake procedure including generating a master secret from the decrypted premaster secret and generating one or more session keys that are used in the secure session for encrypting and decrypting communication between the client device and the server.

Abstract: Methods of storing data records produced from monitoring interactions between external agents and a system are described. The method defines specific interactions that occur between the external agents and the system as events of interest. A chain of interactions occurring during respective interaction sessions between a respective external agent and the system are monitored and events of interest occurring in the chain are determined. Data records from the monitored chain are produced, the respective data record including data identifying determined events of interest and data associated therewith. A profile identity, representative of the external agent, is assigned to each data record produced during an interaction session. Data records of individual events of interest are stored in a way ordered according to the type of event of interest and data records of events of interest occurring during an interaction session are stored in a way ordered according to assigned profile identity.

Abstract: The invention concerns a compound of the Formula (I), wherein Qa is heteroaryl and is substituted with halogeno; R1 and R2 are hydrogen; and Qb is phenyl or heteroaryl, and Qb may optionally bear 1 or 2 substituents selected from hydroxy, halogeno and (1-6C)alkyl, or a pharmaceutically-acceptable salt thereof; processes for their preparation, pharmaceutical compositions containing them and their use in the treatment of diseases or medical conditions mediated by cytokines.

Abstract: A near end network optimizer receives, from a client device, a request for a network resource. Responsive to determining that a version of the network resource is stored in the near end network optimizer, a request for the network resource is transmitted to a far end network optimizer along with a version identifier that identifies that version. The near end network optimizer receives, from the far end network optimizer, a response that includes a differences file that specifies the difference(s) between the version of the network resource stored in the near end network optimizer with a most current version of the network resource. The response does not include the entire network resource. The near end network optimizer applies the specified difference(s) to the version that it has stored to generate an updated version of the network resource, and transmits the updated version of the network resource to the client device.

Abstract: The invention concerns a compound of the Formula (I), wherein Qa is heteroaryl and is substituted with halogeno; R1 and R2 are hydrogen; and Qb is phenyl or heteroaryl, and Qb may optionally bear 1 or 2 substituents selected from hydroxy, halogeno and (1-6C)alkyl, or a pharmaceutically-acceptable salt thereof; processes for their preparation, pharmaceutical compositions containing them and their use in the treatment of diseases or medical conditions mediated by cytokines.